The bug fixed in cURL 8.4.0 (CVE-2023-38545) is a nasty one, but it seems rather harmless in our context.

First of all, if you don’t use socks5, this issue should be irrelevant. (But do your own research. Source code is there for you to freely study, modify, compile.)

According to the blog, the bug could be exploited only if a socks5 proxy user is tricked into resolving a crazy long hostname (~1024 characters+), which sounds unlikely; except if your direct peer is evil, they might be able to send you a crazy long hostname instead of a numeric IP… maybe? However, if you’re on a socks5 proxy, the attacker can’t see your real IP to begin with, so they can’t attack you (I think).

The only attack vector my stupid head can think of is: if for some reason you use both clear connections and socks5 connections, then a lucky attacker who notices your behavior can hit your real IP when you’re on Tor, using your wallet address as an identifier. (Tor exit nodes are public, so they know someone is on Tor.) Even then, maybe the worst thing that could happen is that your p2pool crashes due to a buffer overrun.
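Two defender-side checks that follow from the post above, added here as an example and not code from the post or from the p2pool or cURL projects: reject a peer-supplied hostname that exceeds the DNS size limits (253 characters total, 63 per label, per RFC 1035) before it can reach any SOCKS5 code path, and confirm that the local cURL banner is at or past 8.4.0, the release the post names as carrying the fix. The function names and sample inputs are my own assumptions.

```python
import re

# Limits from RFC 1035: a full hostname is at most 253 characters and
# every label is 1..63 characters of letters, digits and hyphens.
MAX_HOSTNAME_LEN = 253
MAX_LABEL_LEN = 63
_LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")

# cURL 8.4.0 is the release the post identifies as fixing CVE-2023-38545.
PATCHED_CURL_VERSION = (8, 4, 0)


def is_safe_peer_hostname(name: str) -> bool:
    """Return True only if a peer-supplied hostname is a well-formed DNS name.

    Anything longer than the DNS maximum is rejected before it is handed to
    the SOCKS5 proxy path, so an oversized name never reaches cURL at all.
    """
    name = name.rstrip(".")  # a single trailing dot (FQDN form) is allowed
    if not name or len(name) > MAX_HOSTNAME_LEN:
        return False
    labels = name.split(".")
    return all(len(lbl) <= MAX_LABEL_LEN and _LABEL_RE.match(lbl) for lbl in labels)


def curl_version_is_patched(version_banner: str) -> bool:
    """Parse the first 'x.y.z' in a 'curl --version' banner and compare it
    against the release that shipped the fix."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\b", version_banner)
    if not m:
        return False
    return tuple(int(p) for p in m.groups()) >= PATCHED_CURL_VERSION


if __name__ == "__main__":
    # Constructed sample inputs, not real banners or real peer data.
    print(is_safe_peer_hostname("node.example.com"))    # True
    print(is_safe_peer_hostname("a" * 1024 + ".com"))    # False
    print(curl_version_is_patched("curl 8.4.0 (x86_64-pc-linux-gnu) libcurl/8.4.0"))  # True
```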